CVE-2016-4834

2016-08-01T02:59:00
ID CVE-2016-4834
Type cve
Reporter cve@mitre.org
Modified 2016-12-06T20:00:00

Description

modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does not properly restrict user-save actions, which allows remote authenticated users to create or modify user accounts via unspecified vectors.